compose/pkg
Guillaume Lours eb4b1cc3f6 fix(publish): prompt on sensitive-looking env literals
Replace the "flag any literal env var" check with a key-name heuristic
backed by the upstream DefangLabs keyword detector (password, secret,
token, api_key, …), and convert the hard error into a prompt matching
the existing checkForBindMount / checkForSensitiveData UX. --with-env
silences the env prompt; literal config.content gets its own prompt.

The previous check flagged benign vars like LOG_LEVEL=info, blocking
the 99% case, while still missing low-entropy real secrets the
existing secret-detector skips (MYSQL_ROOT_PASSWORD=toto slips through
on entropy ~1.5).

Refs: docker/compose#13394

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Guillaume Lours <glours@users.noreply.github.com>
2026-05-20 15:48:38 +02:00
api fix: provider output handling and watch rebuild re-invocation 2026-04-14 11:43:48 +02:00
bridge pkg/bridge: remove uses of go-connections 2026-02-11 12:32:37 +01:00
compose fix(publish): prompt on sensitive-looking env literals 2026-05-20 15:48:38 +02:00
dryrun go.mod: bump github.com/moby/moby/api v1.53.0, moby/client v0.2.2 2026-02-11 12:32:37 +01:00
e2e fix(publish): prompt on sensitive-looking env literals 2026-05-20 15:48:38 +02:00
mocks go.mod: bump github.com/moby/moby/api v1.53.0, moby/client v0.2.2 2026-02-11 12:32:37 +01:00
remote fix: route OCI artifact pulls through Docker Desktop HTTP proxy 2026-05-18 10:53:23 +02:00
utils fix: make e2e tests pass reliably locally with Docker Desktop 2026-05-18 10:55:41 +02:00
watch fix mixed assertion libraries in tests 2026-03-31 17:32:51 +02:00